cyril7: Exactly, to repeat, TCL have some issues to deal with, looking around the planet at other DOCSIS operators I dont see users b1tching about ARP storms like TCL have. The fact that TCL take no reponsibility for CPE end NAT routers or supporting them in some form or manner indicates they dont give a damn.

To give TCL some credit (not sure if I should) I suspect this is a lot of legacy, Saturn built the network out in Kapiti, wanted to make their lives easy so assigned static IP's and kept the network flat, and it has just grown from there.I remember when I was tracing ARP traffic I sniffed ~500-600 unique devices ARPing, now granted this was before the network separation, and you have to also consider that they were (not sure if they still are) running the management network for the Cable Modems themselves (also on a 10.x network) in the same broadcast domain as the Public Internet. Plus I also sniffed ~20 unique Class C subnets, so 20x256 + 10.x.x.x networks... potentially that's a whole lot of unique devices on the network. Taking into account that prior to the split that would be for every household with 1x internet and 1xDigital TV, that's 4 unique devices. I could easily see how the device numbers could climb quickly the more customers were on it.

So far I personally can't fault the Cable service. My linksys router (now a RV042, was WRT54GL) has never missed a beat, always had good down, and more importantly good up speeds, plus the latency is low, so makes for VoIP over VPN to international services achieveable and without a noticible loss in voice quality. And skype works a treat as well.

Hi all, I work for TelstraClear and can provide some answers (I hope!):

*** Any decent router-switch should work. Of course, make sure you buy a router-switch with NAT capability.

*** The TelstraClear cable network is currently configured as follows:

--- Static IPs for each customer. In other words, the single PC that you currently have connected to the cable mode is assigned a static IP. --- The cable modem acts as a bridge (switch) and not a router. This is different from Telecom's network. --- In other words, the cable modem does not NAT (network address translate).--- The cable modem only allows traffic for the single IP address that you have been provided to flow through it. --- DHCP is not used.--- PPP is not used.

*** In other words, you need to configure your router along the lines of:

--- Connect one interface of the router-switch to the cable modem (via the CAT5 cable that your PC was connected to)--- Ensure that this interface is configured with the static IP/netmask that was configured on your PC (and provided by TelstraClear).--- Configure one or more bridged interfaces for the PCs that you want to connect to the router-switch. Use any RFC 1918 address space: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16.--- Ensure NAT is enabled between the external interface (connecting to the cable modem) and the bridged internal ones (connecting to your PCs)--- Configure up DHCP on the router-switch if you want to. (Handy of course.)

You will need to consult the manual for your router-switch for details on how to configure the above. It should be reasonably straight forward. Let me know what router-switch you have, and if the manual is publically available I can look through it for you and give you some pointers.

On the TelstraClear network and ARP traffic. As one commenter pointed out, this is an issue resulting from the legacy heritage of the cable network. The good news is that we are continually working on improving and evolving the network. One of the areas we are focusing on in the short to medium term is to reduce the ARP traffic seen by customers.

Hi Olof, thanks for joining the forum, do you have any timescales for changes that will contain ARP traffic. And do the CMTS's contain a router per sey or are they pretty much a bridge device relying on an upstream router to contain each node segment, which presumable in the current TCL network is missing or limited in ability.

On the TelstraClear network and ARP traffic. As one commenter pointed out, this is an issue resulting from the legacy heritage of the cable network. The good news is that we are continually working on improving and evolving the network. One of the areas we are focusing on in the short to medium term is to reduce the ARP traffic seen by customers.

Following Olofs excellent example I should come clean and say I work for TCL as well. More importantly I'm one of the chaps engineering the vlan segmentation of the cable network.

Our solution for the arp issue is currently undergoing some fairly thorough UAT testing at the moment, we're anticipating rolling it into production sometime in the next 6 - 10 weeks. Ballpark figure at best at the moment i'm afraid as there's a bunch of layer 1 clean up and capacity augmentation going on in Wlg atm that needs to finish up before we can successfully segment.

Once that's done tho your average pc behind a modem should only ever see ARP coming from our router for devices on the same CMTS that you're on. No more arp floods making my life "interesting" when a hacked limewire install starts casuing a machine to arp for 0.0.0.0, YAY! :)

Once that's done tho your average pc behind a modem should only ever see ARP coming from our router for devices on the same CMTS that you're on. No more arp floods making my life "interesting" when a hacked limewire install starts casuing a machine to arp for 0.0.0.0, YAY! :)

OMG no wonder a small risc based router with limited resources gets sweaty armpits and goes on strike.

doppleganger: Following Olofs excellent example I should come clean and say I work for TCL as well. More importantly I'm one of the chaps engineering the vlan segmentation of the cable network.

Thank you for a very insightful detail as to what is going on, and I can fully understand why making substantial changes such as you are would require extensive testing. It's very refreshing to see someone stand up and say things are being worked on and a high level ETA of when changes may occur (albeit I am sure Will look forward to seeing my "network" light flashing just that little bit less, helps to save electricity :P

Hi, just to bring this back to the top, I caught up with Pete (knoydart) the other day to attempt to sort out his router, a Netgear 614, which is newly purchased and has the lattest firmware loaded. All WAN and LAN settings, were correct, NAT blocks were checked to not be in place, essentially all should be dandy, and the router would pass traffic from LAN to WAN, but not via the cable modem. And yes all the correct WAN IPs/net masks, and gateway and DNS addresses were correctly loaded and work fine if loaded into the PC directly with PC directly connected to SurfBoard (a 5101).

Having a look at the cable modems admin (192.168.100.1) it appeard the modem was happy with the routers MAC, and getting the router to clone the PCs MAC made no difference, repowering each time to ensure the surfboard picked up the new MAC. The cable modem appeared happy.

What is also strange is that when pinging a external IP (ie www.clear.net.nz) DNS worked as the router get the external address for clear, but would not pass any ping packets, same occured for HTTP, browser would report found server but no traffic would pass.

As Pete said earlier, the very same thing happened when another brand router was setup in a similar manner, so while it would be tempting to point a finger at the router, I have my doubts. Its as if either the Surfboard or CMTS or router above it is not happy with some element of the packets created by a router.

I was meaning to update the situation myself. The last post summed it up (sadly) so any of you telstra bods out there wanting to add your 2c's, feel free. There is a small post script in that I rang Telstra and started to try and fault find the problem. They got me to change the DNS servers as apprently I was on Paradise DNS and not Clear DNS's, even though the DNS's were set up by the nice person from Downer. This breifly worked but then stopped worked after having to reboot the pc because Xp crashed. So still not working , ho hum. We are back to 1 pc in the surfboard at a time...

Honestly guys, not wanting to sound like a broken record or anything, but have you bothered to try a Linksys WRT54GL with DD-WRT?? I suspect your problem would magically disappear. I had another friend who also used a Netgear 614 for months without any success replaced it with a WRT54GL with DD-WRT and have not heard from him since about internet problems. It's just not worth the **TIME** or money bothering with any other router from my experience, I know many people who have wasted HOURS trying to get other routers working with no success..

Stephen, if you are heading down to Wgtn any time in the future, give me a call and I will be happy to lend you my spare one.

1) Buy WRT54GL from Ascent, (I don't work for them, but their prices are fair, and it's free delivery!)2) Download the Miniand Standard versions of DD-WRT Version 2.43) Wait for router to turn up, and unbox and plug in (don't bother with the included CD), connect from laptop / desktop to wired (not wireless) connection.4) Browse to router at http://192.168.1.1 login with admin/admin (default for Linksys firmware) and firmware upgrade to DD-WRT with the MINI version first (VERY IMPORTANT that you upgrade to Mini first, as the stock linksys firmware doesn't support images larger than 3MB, and the Standard is 3.6MB).5) Wait for router to reboot, then login to http://192.168.1.1 logging in this time with root/admin (default for DD-WRT) and upgrade from Mini to Standard firmware (since you can upgrade to 4MB images as the WRT54GL has a 4MB flash with DD-WRT loaded), also reset to factory defaults as part of firmware upgrade.6) Wait for reboot and browse to http://192.168.1.1 again and change to static IP, plug in your TCL static IP plus the Paradise DNS servers.7) Change Wireless Network name, and enable WPA2 or at the very least WPA since WEP or No Encryption is asking for trouble! Otherwise disable wireless all together!!8) And you are done, remember the days that you had random dropouts from your TCL internet connection..

Other extra things you could do:

I like turning on the Enable / Disable wireless with Quick Setup Button, this means that you can with the quick setup button on the front of the router enable or disable your wireless, good if you want to stop people snooping when you are away at work. You can also by default have the wireless turned off when you boot, then turn it on with the quick setup button. Nice feature.

I am happy to configure anyones WRT54GL if they feel uncomfortable with the steps above.

Using anything else unless you KNOW that router is ok, is just a waste of time (and consequently money!) Phew, end of rant!

Hi Peter, while I am happy with your recommendation on WRT, which I have flashed on to routers before, I dont believe that this is totally the issue here as I have seen various basic routers just like the 614 that pete has work on the ARP flooded TCL network albeit with eventaul difficulties due to the excessive ARP overhead.

In this situation a freshly booted and correctly configured router simply does not pass traffic, this I belive is someother issue seperate to the ARP levels that typically upset small/basic routers, even then these routers will work with no issues for a period before being overwhelmed by ARP traffic, this one cannot even get a peep other than DNS service, which it seems to do easily without trouble.

cyril7: In this situation a freshly booted and correctly configured router simply does not pass traffic, this I belive is someother issue seperate to the ARP levels that typically upset small/basic routers, even then these routers will work with no issues for a period before being overwhelmed by ARP traffic, this one cannot even get a peep other than DNS service, which it seems to do easily without trouble.

I have seen that when you change physical devices connected to the Cable Modem that the Cable Modem needs a reboot due to it being locked to only one MAC address. And if you ring up TCL they can configure a newer profile for the Cable Modem that allows you to change the MAC address on the fly. However experience tells me that whenever I change the device connected to the Cable Modem I always give it a reboot for good measure. I assume you are rebooting the router whenever you change the connected device??? Or not?

For that reason I am not at all a fan of MAC address cloning for the above reason, my view is, plug in the router with correct IP already configured, reboot cable modem... and see what happens.

Yes, rebooted everytime. I let the router use its own MAC as well as cloning the PCs and the modem (via 192.168.100.1) confirmed it had picked up the new MAC, there is a page in the Surfboard that shows what MAC it has associated with, so I dont think that was the issue.